The COVID-19 pandemic led to lockdowns and the global trend of offices shutting down. Staff suddenly had to switch to remote working, and the number of UK professionals working remotely was 70% in April 2020.
There is no sign of this trend going away as the pandemic disappeared, with many businesses seeing the benefits of reduced office costs and better employee wellbeing.
However, remote working has also increased the cybersecurity threat that all modern businesses face. Discover how remote working is threatening your cybersecurity in this article and the primary step you can take to reduce this risk.
What are the Cyber-Risks of Remote Working?
Remote working has increased the cybersecurity risk on your business in three avenues: hardware, software, and behaviour.
The risk added in the hardware category comes from the far higher likelihood of your staff using their personal devices to complete their work. This is a risk because your staff is likely to use these personal devices in a far riskier way, accessing and downloading content from far less secure sources, and potentially inviting malware into your company systems.
The software risk comes from employees’ home network connections. While your company network will have firewalls and network monitoring, very few home networks are adequately protected, presenting an easy target for hackers.
Finally, remote workers suffered from additional stress and fatigue because of the pandemic and the additional stressors of the pandemic. A Society of Human Resources Management study found that 35% of employees reported tiredness because of working from home. Therefore, they may pay less attention and will be at greater risk of falling foul of malware or scams.
How has Remote Working Changed Cybercrime?
The primary approach of cybercriminals to remote workers has been to spot the vulnerabilities described above and increase the scale and audacity of their attacks accordingly. Threat actors are targeted the human error factor most heavily, with Barracuda Networks reporting a 667% increase in phishing emails sent to their customers.
These attacks on remote workers have been deployed to devastating impact on countless businesses. While singular attacks on small businesses have been regular, the massive attacks on multiple businesses have been best publicised. For example, the July 2023 REvil Attacks on remote workers impacted 1,000 US and 500 Swedish businesses, from whom they demanded $70 million worth of bitcoin.
Training for Cyber-Secure Remote Working
The human error factor has always been a huge problem for cybersecurity, with 90% of cyber-attacks being directly attributable to it. Remote working has exacerbated this threat even further, with staff being unsupervised at an unprecedented level.
The key to reducing the severity of threat actors is to provide your staff with cybersecurity training. You will also need to roll out ongoing training programs and news bulletins whenever new threats emerge.
If you’re not sure where to start with your cybersecurity training program, we recommend reading Micro Pro’s article, “How to Train Your Staff in Cybersecurity Awareness”. Alternatively, call in a professional cybersecurity expert.